An issue exists in GitLab Community Edition (CE) and Enterprise Edition (EE) prior to 12.7.9, 12.8.x prior to 12.8.9, and 12.9.x prior to 12.9.3. A Workhorse bypass could lead to NuGet package and file disclosure (Exposure of Sensitive Information) via request smuggling.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
gitlab gitlab |